By me @forbes.com: It's always at the weekend, innit? Adobe urges admins to patch Adobe Acrobat and Reader on Windows and macOS within 72 hours as CVE-2026-34621 attacks confirmed.

www.forbes.com/sites/daveyw...

FBI Confirms $10 Million Reward After Iran Hacks Kash Patel’s Gmail The FBI has confirmed that the personal Gmail account of Director Kash Patel has, indeed, been compromised. $10 million is up for grabs to identify the Iranian hackers.

FBI confirms Patel Gmail hack, $10 million on offer through the Department of State Rewards for Justice scheme for “information leading to the identification of the Handala Hack Team out of Iran.”

www.forbes.com/sites/daveyw...

iOS 26 Security Update Warning—iOS 18 Silent Compromise Exploit Alert Apple has confirmed a new security update for iOS users, but you need to make sure this setting is enabled to get it. Here’s what you need to know and do.

It’s been quite the week for iPhone users…

www.forbes.com/sites/daveyw...

LastPass Issues New Account Password Warning—Attacks Are Underway LastPass has confirmed a new and ongoing attack that began on March 1 and targets user account credentials. Here’s what you need to know and do.

By me @Forbes: A LastPass spokesperson told me: “There has been no evidence of a breach at this time.”

www.forbes.com/sites/daveyw...

Copilot AI ‘Microslop’ Chat Ban Is Not Censorship—Says Microsoft After social media users complained that Microsoft has banned the use of ‘Microslop’ on its Copilot AI Discord chat servers. Microsoft says this is not censorship.

The Microslop chat ban is not what you think, Microsoft says.

www.forbes.com/sites/daveyw...

New Gmail Account Attack Warning—Hackers Abuse Critical Security Check As Gmail support forums continue to fill with pleas for help amid hacker attacks, a new report reveals that a critical Google security check is being abused.

Beware this fake Google Account security checkup tool. @malwarebytes.com called it “one of the most fully featured browser-based surveillance toolkits."

#infosec

www.forbes.com/sites/daveyw...

Iran Plunges Into ‘Near-Total Internet Blackout’ As Epic Fury Strikes Begin As Operation Epic Fury begins, network data reveals that Iran has been plunged into near internet darkness, with national connectivity now at just 4%.

By me @forbes.com with thanks to @lisaforte.bsky.social

www.forbes.com/sites/daveyw...

PayPal Confirms Data Breach — Money Stolen, Passwords Reset PayPal has confirmed a breach that exposed personal information to a hacker. Are you affected? What data was exposed?

Nothing to see here, just a PayPal data breach.

#PayPal #DataBreach #cybersecurity #news #money

www.forbes.com/sites/daveyw...

Instagram Password Reset Attacks — Users Must Check 1 Thing Now Do not lose your Instagram account to hackers as data on 17.5 million users is published online — here’s what you need to know and do.

By me @Forbes: Don't panic, your Instagram is most likely safe even if, like me, you are getting inundated with password reset notifications after the alleged data breach impacting 17.5 million accounts.

#infosec #instagram

www.forbes.com/sites/daveyw...

By me @Forbes: European Space Agency confirms that some 'science servers' have been compromised.

Attackers claim 200 GB of data was stolen.

#infosec #Space #Science

www.forbes.com/sites/daveyw...

CISA issues actively exploited ASUS, Cisco and SonicWall vulnerabilities warning The US CISA has just published a security alert impacting Asus, Cisco and SonicWall users. Here’s what you need to do.

By me @ TechFinitive: Use Cisco, Asus or SonicWall kit? You’ll possibly want to read this…

#infosec

www.techfinitive.com/cisa-issues-...

By me @Forbes: 630 million stolen passwords, found on devices from one cyber criminal, confirmed.

Check for yours now.

#infosec

www.forbes.com/sites/daveyw...

ShadyPanda played the long game, waiting years to infect 4 million browsers with spyware We reveals the seven-year waiting game played by ShadyPanda, responsible for infecting 4.3 million Chrome and Edge users

When the long game pays off. The seven year threat itch…

#technology #news #cyberattack #cybersecurity

www.techfinitive.com/shadypanda-p...

Latest Have I Been Pwned update gives 1.3 billion new reasons to stop relying on passwords I will readily admit that I sound like a broken record when it comes to the need to stop using magical thinking about passwords and account security. Relying upon a password to protect your data is li...

Unmanaged passwords = shite.

New Slipknot song or sage security advice?

#infosec

www.techfinitive.com/latest-have-...

X Issues November 10 ‘Account Will Be Locked’ Twitter Security Warning Elon Musk’s X has confirmed accounts will be locked on November 10 if this Twitter security setting isn’t updated. What you need to know.

Nice job by X of confusing pretty much every fecker with this one. You'd have thought a communication platform would be able to communicate things better first time around.

#infosec #twitter #x
#socialmedia #technology #news

www.forbes.com/sites/daveyw...

The WhatsApp $1 Million Hack Mystery — What You Need To Know Has WhatsApp been hacked with a $1 million zero-click zero-day exploit? Here’s everything we know so far.

So, what is actually happening with regard to the WhatsApp zero-day that wasn't? Or was it?

#infosec #WhatsApp #hack #technology #news

www.forbes.com/sites/daveyw...

Password Hack Warning As New Threat Jumps From Your Laptop To Phone As if by magic, this password hack jumps from your laptop to your smartphone — but it's you who waves the wand.

This article @forbes.com has now been updated with an interesting counterpoint from @paulwalsh.bsky.social.

#Infosec

www.forbes.com/sites/daveyw...

Critical Zero-Day Exposes FTP Servers To Attack With Microsoft SharePoint servers still under attack, now comes the news that FTP servers have been hit by another critical zero-day exploit.

By me @forbes.com: Happy Monday security teams. It never rains but it comes thundering down with voluminous claps of thunder.

CrushFTP zero-day confirmed.

#infosec

www.forbes.com/sites/daveyw...

Microsoft Confirms Ongoing Mass SharePoint Attack — No Patch Available Microsoft has confirmed that SharePoint Server is under mass attack and no patch is yet available — here’s what you need to know and how to mitigate the threat.

By me @forbes.com: Global hack attack underway against SharePoint Server, no patch available and mitigations include pulling the internet plug.

#infosec

www.forbes.com/sites/daveyw...

Web Browser AI Hack Attacks Confirmed — What You Need To Know Your web browser is hiding these hack attacks — what you need to know about the AI cloaking-as-a-service threat.

By me @forbes.com: Cloaking-as-a-Service, the "you can't see me" threat you can't, erm, see, unless you can.

#kudos @slashnext

#infosec

www.forbes.com/sites/daveyw...

Microsoft Security Update Breaks Windows 10 Search Feature The latest Microsoft Patch Tuesday security updates have done the opposite and broken yet another Windows feature. Here’s what you need to know.

By me @forbes.com: Here we go again, Microsoft weakening trust in security updates. Sure, emoji search isn't exactly essential, but it is part of a slippery slope. The cumulative effect is a bad thing - yay or nay, dear readers?

#infosec

www.forbes.com/sites/daveyw...

From Vibe Coding To Vibe Hacking — AI In A Hoodie Vibe coding is a phenomenon, and cyberattacks are fast-evolving thanks to AI. Is vibe hacking the next big thing in cyber?

By me @forbes.com: AI in a hoodie. Pew Pew. Or maybe not...

#kudos Forescout and Michele Campobasso for the excellent research and analysis.

#infosec

www.forbes.com/sites/daveyw...

Microsoft Confirms Windows 11 Update Causes Security Firewall Error Another Windows update, another problem caused by an update — what you need to know as users report Windows Firewall error.

Happy #Sunday security sleuths. By me @forbes.com: does anyone actually check Microsoft updates before pushing them out anymore? Serious question - with apologies to my Microsoft buddies.

#infosec

www.forbes.com/sites/daveyw...

Amazon Issues Security Warning As Prime Account Hacks Mount As Prime Day 2025 is confirmed — Amazon warns of account hack attacks.

By me @forbes.com: Amazon Prime Day 2025 is fast approaching. Last year cybercriminals went into overdrive, with attacks up 80%.

#infosec

www.forbes.com/sites/daveyw...

Google Chrome Warning — Windows, Android, Mac And Linux Users Act Now Don’t wait — all users should update Google Chrome now.

By me @forbes.com: Another day, another Google Chrome security update.

#infosec

www.forbes.com/sites/daveyw...

16 Billion Apple, Facebook And Google Passwords Leaked — Change Yours Now Change all your account passwords now — don’t wait: 16 billion credentials are confirmed as having been leaked.

By me @forbes.com: The GOAT of all credentials leaks, all new data (with the exception of 184 million records from May) the researchers say. #kudos @j4vv4d.com for advice.

#infosec

www.forbes.com/sites/daveyw...

Your Passwords Are At Risk — New Windows XFiles Attack Confirmed This new password-stealing attack targets Windows users — here’s what you need to know about the XFiles threat.

By me @forbes.com: The truth is out there, but the XFiles attackers aren't the ones telling it.

#InfoSec

www.forbes.com/sites/daveyw...

Microsoft Confirms Outlook Emails Are Crashing — Here’s The Fix Are your Outlook emails crashing? Here’s a temporary fix while Microsoft works on an update.

By me @forbes.com: Are your Outlook emails crashing? Here's the fix.

www.forbes.com/sites/daveyw...

Update Windows Now — Microsoft Confirms System Takeover Danger Microsoft has issued a warning that Windows hackers could gain system privileges using this authentication relay attack — an update is available; apply now.

By me @forbes.com: You have patched CVE-2025-33073 already, right? Riiiight? #kudos @Synacktiv

#infosec

www.forbes.com/sites/daveyw...

This New Ransomware Can Irrevocably Destroy Your Files — Backup Now Be warned, this ransomware threat can permanently erase your files — act now.

By me @forbes.com: New Ransomware-as-a-Service group adds nasty file wiper to the payment leverage threat arsenal.

#infosec

www.forbes.com/sites/daveyw...